> OK. First, a dumb question: what does secure boot buy you that can't achieve by locking the BIOS down to booting from the internal hard drive anyway?
Secure booting prevent rootkit malware which infects your bootloader or BIOS. The firmware will authenticate the signature of the code. If there is any tampering, it will refuse to boot.
The concept of secure boot is a good idea, but this fiasco shows how dangerous it can be if abused.
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
no subject
Date: 2011-09-27 02:42 pm (UTC)Secure booting prevent rootkit malware which infects your bootloader or BIOS. The firmware will authenticate the signature of the code. If there is any tampering, it will refuse to boot.
The concept of secure boot is a good idea, but this fiasco shows how dangerous it can be if abused.